@cannikin
Created March 19, 2015 20:44
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"vpce8b3108d": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "172.31.0.0/16",
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "true"
}
},
"subnet1461ba63": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "172.31.16.0/20",
"AvailabilityZone": "us-west-2b",
"VpcId": {
"Ref": "vpce8b3108d"
}
}
},
"subnetfb0ff7a2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "172.31.0.0/20",
"AvailabilityZone": "us-west-2c",
"VpcId": {
"Ref": "vpce8b3108d"
}
}
},
"subnetbadc58df": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "172.31.32.0/20",
"AvailabilityZone": "us-west-2a",
"VpcId": {
"Ref": "vpce8b3108d"
}
}
},
"igwbee921db": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {}
},
"doptc630d6a3": {
"Type": "AWS::EC2::DHCPOptions",
"Properties": {
"DomainName": "us-west-2.compute.internal",
"DomainNameServers": [
"AmazonProvidedDNS"
]
}
},
"aclb561c3d0": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "vpce8b3108d"
}
}
},
"rtbba9a34df": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "vpce8b3108d"
}
}
},
"elbprod": {
"Type": "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties": {
"Subnets": [
{
"Ref": "subnet1461ba63"
},
{
"Ref": "subnetbadc58df"
},
{
"Ref": "subnetfb0ff7a2"
}
],
"HealthCheck": {
"HealthyThreshold": "2",
"Interval": "10",
"Target": "HTTP:80/",
"Timeout": "5",
"UnhealthyThreshold": "2"
},
"Instances": [
{
"Ref": "instanceia21c62ae"
}
],
"SecurityGroups": [
{
"Ref": "sgprod"
},
{
"Ref": "sgweb"
}
],
"Listeners": [
{
"InstancePort": "80",
"LoadBalancerPort": "80",
"Protocol": "HTTP",
"InstanceProtocol": "HTTP"
}
]
}
},
"instanceia21c62ae": {
"Type": "AWS::EC2::Instance",
"Properties": {
"DisableApiTermination": "FALSE",
"ImageId": "ami-3d50120d",
"InstanceType": "t2.micro",
"KeyName": "exampleapp-prod",
"Monitoring": "false",
"Tags": [
{
"Key": "Name",
"Value": "prod1"
}
],
"NetworkInterfaces": [
{
"DeleteOnTermination": "true",
"DeviceIndex": 0,
"SubnetId": {
"Ref": "subnet1461ba63"
},
"PrivateIpAddresses": [
{
"PrivateIpAddress": "172.31.29.177",
"Primary": "true"
}
],
"GroupSet": [
{
"Ref": "sgprod"
},
{
"Ref": "sgssh"
},
{
"Ref": "sgweb"
}
],
"AssociatePublicIpAddress": "true"
}
]
}
},
"rdsprod": {
"Type": "AWS::RDS::DBInstance",
"Properties": {
"AutoMinorVersionUpgrade": "true",
"DBInstanceClass": "db.t2.micro",
"Port": "3306",
"AllocatedStorage": "20",
"BackupRetentionPeriod": "30",
"DBName": "MyDatabase",
"Engine": "mysql",
"EngineVersion": "5.6.19a",
"LicenseModel": "general-public-license",
"MasterUsername": "root",
"MasterUserPassword": "password",
"PreferredBackupWindow": "08:00-08:30",
"PreferredMaintenanceWindow": "sat:09:00-sat:09:30",
"VPCSecurityGroups": [
{
"Ref": "sgprod"
}
],
"DBSubnetGroupName": {
"Ref": "dbsubnetdefault"
},
"Tags": [
{
"Key": "workload-type",
"Value": "other"
}
]
}
},
"dbsubnetdefault": {
"Type": "AWS::RDS::DBSubnetGroup",
"Properties": {
"DBSubnetGroupDescription": "default",
"SubnetIds": [
{
"Ref": "subnetfb0ff7a2"
},
{
"Ref": "subnetbadc58df"
},
{
"Ref": "subnet1461ba63"
}
]
}
},
"sgprod": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Access for production services",
"VpcId": {
"Ref": "vpce8b3108d"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "3306",
"ToPort": "3306",
"CidrIp": "12.34.56.78/32"
}
],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"sgssh": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "SSH Access",
"VpcId": {
"Ref": "vpce8b3108d"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "12.34.56.78/32"
}
],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"sgweb": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "HTTP access",
"VpcId": {
"Ref": "vpce8b3108d"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
}
],
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"sgdefault": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "default VPC security group",
"VpcId": {
"Ref": "vpce8b3108d"
},
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
]
}
},
"dbsgdefault": {
"Type": "AWS::RDS::DBSecurityGroup",
"Properties": {
"GroupDescription": "default"
}
},
"acl1": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Egress": true,
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "aclb561c3d0"
}
}
},
"acl2": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "aclb561c3d0"
}
}
},
"subnetacl1": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "aclb561c3d0"
},
"SubnetId": {
"Ref": "subnetbadc58df"
}
}
},
"subnetacl2": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "aclb561c3d0"
},
"SubnetId": {
"Ref": "subnetfb0ff7a2"
}
}
},
"subnetacl3": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "aclb561c3d0"
},
"SubnetId": {
"Ref": "subnet1461ba63"
}
}
},
"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "vpce8b3108d"
},
"InternetGatewayId": {
"Ref": "igwbee921db"
}
}
},
"route1": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "rtbba9a34df"
},
"GatewayId": {
"Ref": "igwbee921db"
}
},
"DependsOn": "gw1"
},
"dchpassoc1": {
"Type": "AWS::EC2::VPCDHCPOptionsAssociation",
"Properties": {
"VpcId": {
"Ref": "vpce8b3108d"
},
"DhcpOptionsId": {
"Ref": "doptc630d6a3"
}
}
},
"ingress1": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgprod"
},
"IpProtocol": "tcp",
"FromPort": "3306",
"ToPort": "3306",
"CidrIp": "12.34.56.78/32"
}
},
"ingress2": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgprod"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "sgprod"
},
"SourceSecurityGroupOwnerId": "280160971030"
}
},
"ingress3": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgssh"
},
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": "12.34.56.78/32"
}
},
"ingress4": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgweb"
},
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
}
},
"ingress5": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgdefault"
},
"IpProtocol": "-1",
"SourceSecurityGroupId": {
"Ref": "sgdefault"
},
"SourceSecurityGroupOwnerId": "280160971030"
}
},
"egress1": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgprod"
},
"IpProtocol": "-1",
"CidrIP": "0.0.0.0/0"
}
},
"egress2": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgssh"
},
"IpProtocol": "-1",
"CidrIP": "0.0.0.0/0"
}
},
"egress3": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgweb"
},
"IpProtocol": "-1",
"CidrIP": "0.0.0.0/0"
}
},
"egress4": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgdefault"
},
"IpProtocol": "-1",
"CidrIP": "0.0.0.0/0"
}
}
},
"Description": "Rails app, free-tier services (EC2, RDS)"
}